<?php
if(!isset($_SESSION)) 
	{ 
		session_start(); 
	}
include '../operations/connection.php';	


$idemployee = $_REQUEST['hiddenemployee'];
$oldpass = $_REQUEST['oldpass'];
$newpass = strtoupper(md5($_REQUEST['newpass']));

if(isset($_REQUEST['updatepass'])){
	$sqlupdate = "UPDATE employee e set e.Password='$newpass' WHERE e.IDEmployee = '$idemployee';";
	mysql_query($sqlupdate);

}

mysql_close($connection);

if(isset($_REQUEST['updatepass'])){
	$_SESSION['alertpass'] ="";
	header("Location: ../yourProfile.php");
	
}
?>